This article outlines routing best practices for the Citrix SD-WAN solution.
Internet/Intranet routing service
When the Internet service is not configured for Internet-bound traffic and a Local route or a Passthrough route is instead configured to reach the gateway router, the router uses the WAN links configured on the SD-WAN appliance, leading to a link over-subscription issue.
If an Internet route is configured as Local at the MCN, it is learned by all the branch SD-WAN sites and configured as a Virtual Path route by default. This implies that Internet-bound traffic at the branch appliance is routed through the Virtual Path to the MCN.
The order of routing precedence:
- Prefix Match: The longest prefix match wins.
- Service: Local, Virtual Path service, Internet, Intranet, Passthrough
- Route Cost
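The precedence order above can be modelled as a sort key. The following Python example is an added illustration, not Citrix code, and assumes the three criteria are applied strictly in the listed order. The route table, costs and the `select_route` helper are constructed for the example. It shows why a default route learned from the MCN as a Virtual Path route wins over a cheaper Internet service route at the branch.

```python
import ipaddress
from dataclasses import dataclass

# Service precedence as listed above (lower index wins).
SERVICE_ORDER = ["Local", "Virtual Path", "Internet", "Intranet", "Passthrough"]


@dataclass(frozen=True)
class Route:
    prefix: str
    service: str
    cost: int

    @property
    def network(self):
        return ipaddress.ip_network(self.prefix)


def select_route(routes, destination):
    """Return the winning route for destination, or None if nothing matches."""
    dst = ipaddress.ip_address(destination)
    candidates = [r for r in routes if dst in r.network]
    if not candidates:
        return None
    # 1. longest prefix, 2. service type, 3. lowest route cost
    return min(
        candidates,
        key=lambda r: (-r.network.prefixlen, SERVICE_ORDER.index(r.service), r.cost),
    )


# Constructed branch route table (addresses and costs are sample values).
BRANCH_ROUTES = [
    Route("0.0.0.0/0", "Virtual Path", 10),  # MCN Local default, learned at the branch
    Route("0.0.0.0/0", "Internet", 5),       # branch Internet service
    Route("10.20.0.0/16", "Intranet", 5),
    Route("10.20.30.0/24", "Passthrough", 20),
    Route("192.168.1.0/24", "Local", 5),
    Route("192.168.1.0/24", "Local", 15),
]

if __name__ == "__main__":
    for dst in ("203.0.113.10", "10.20.30.5", "10.20.40.5", "192.168.1.7"):
        r = select_route(BRANCH_ROUTES, dst)
        print(f"{dst:15} -> {r.prefix:16} {r.service:12} cost {r.cost}")
```

Running the same lookup against the route table exported from an appliance makes unintended backhaul of Internet-bound traffic visible before it shows up as link over-subscription.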
Ensure that there is no routing asymmetry on the network (the SD-WAN appliance transmitting traffic in only one direction). Asymmetric routing creates issues with firewall connection tracking and deep packet inspection.